<?php

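/**
 * Login controller: renders the login page and handles the credential POST.
 *
 * Responses from loginAction() are plain strings written with echo: a
 * redirect target ('/admin' or '/index') on success, 'error' otherwise.
 */
class LoginController extends ControllerBase
{
    /**
     * Sets the page title, then runs the parent controller's initialisation.
     */
    public function initialize()
    {
        $this->tag->setTitle('登陆');
        parent::initialize();
    }

    /**
     * Login page action; it has no logic of its own.
     */
    public function indexAction()
    {
    }

    /**
     * Login operation.
     *
     * Reads "username" and "password" from the POST body, looks up a user whose
     * name and SHA-1 password hash both match, and on success stores the
     * identity in the session. Every failure path answers with the same
     * 'error' string, so the response does not reveal which field was wrong.
     *
     * NOTE(review): no attempt limiting or lockout is visible in this method;
     * confirm it is enforced elsewhere (web server, WAF, ControllerBase).
     *
     * @return void
     */
    public function loginAction()
    {
        if ($this->request->isPost()) {
            $username = $this->request->getPost("username");
            $password = $this->request->getPost("password");

            // A client can omit a field or send "username[]=x", so either value
            // may arrive as a non-string. Reject those before they reach
            // inject_check() or sha1(), which expect strings.
            if (!is_string($username) || !is_string($password)) {
                echo 'error';
                return;
            }

            // Check for SQL injection. inject_check() is not defined in this
            // class (presumably inherited from ControllerBase). The query below
            // already uses bound parameters, which is what actually prevents
            // injection; treat this check as defence in depth only.
            if ($this->inject_check($username)) {
                echo 'error';
                return;
            }

            // NOTE(review): unsalted SHA-1 is not suitable for password storage
            // (fast to brute-force, identical passwords share a hash). Migrating
            // to password_hash()/password_verify() requires fetching the user by
            // name and re-hashing stored values, so it is flagged here rather
            // than changed in place.
            $user = Users::findFirst(array(
                "name = :name: AND password = :password:",
                'bind' => array('name' => $username, 'password' => sha1($password))
            ));

            // findFirst() yields a falsy value when no row matches.
            if ($user) {
                $this->_auththentic($user);

                $roleName = $user->roles->getRoleName();
                if ($roleName == "admin") {
                    echo '/admin';
                } elseif ($roleName == "normal") {
                    echo '/index';
                }
                // Any other role produces an empty response body even though
                // the session has already been populated.
                // NOTE(review): confirm that is intended.

                return;
            }
        }

        echo 'error';
    }

    /**
     * Authenticates the user and selects test 1.
     *
     * Stores the user's id, name and role name, plus a fixed testId of 1,
     * under the 'auth' session key.
     *
     * @param object $user User record returned by Users::findFirst().
     * @return void
     */
    private function _auththentic($user)
    {
        // Issue a fresh session id at the moment of login so that an id known
        // to someone else before authentication does not carry over into the
        // authenticated session (session fixation). Skipped when no native
        // session is active yet.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $this->session->set('auth', array(
            'uid'    => $user->getId(),
            'name'   => $user->getName(),
            'role'   => $user->roles->getRoleName(),
            'testId' => 1
        ));
    }
}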
